Parameter gw/reg_info Short text External security filename for gateway Parameter description This parameter can be used to protect external programs against beingregistered. Unauthorized registration of programs can be prevented bymaintaining the file reginfo in the data directory of the gatewayinstance. If the file exists, the system searches for valid registration entriesin this list. If not, the system searches as previously in thegw/sec_info> file. Using the reginfo file makes it possible to define the entries betterthan before. The syntax of the entries in this file is as follows TP=<(><<)>tp> [HOST=<(><<)>hostname>] [NO=<(><<)>n>] [ACCESS=<(> <<)>hostname,...>] [CANCEL=<(><<)>hostname,...>] Certain programs can be allowed to register from an external host byspecifying the relevant information. Valid TP name: No restriction : * TP name : foo Start of name : foo* Valid host name: No restriction : * Host name: sapprod for example IP address: 192.1.1.3 Domain : *.sap.com Subnet address : 192.1.1.* Examples of valid entries TP=* All registrations allow HOST=* TP=foo* All registrations that startwith foo, but not f or fo HOST=*.sap.com TP=* from domain *.sap.com, are all Registrations allowed If the TP name is specified without wildcards, the number ofregistrations allowed can be specified too. Example HOST=* TP=foo NO=1 , meaning that only one program can be registeredwith the name foo. All other attempts to register a program with this name arerejected. To control access from the client side too, you can define an accesslist for each entry. This is a list of host names that must comply withthe rules above. *' is not allowed however. If no access list isspecified, the program can be used from any client. The local gatewaywhere the program is registered always has access. What is important here is that the check is made on the basis of hostsand not at user level. for example HOST=* TP=foo ACCESS=*.sap.com Program foo can only be used by hosts from domain *.sap.com. Accessattempts coming from a different domain will be rejected. The CANCEL list can be used to define whether other clients can teminatethe registered program. The same rules apply for this list as for HOSTor ACCESS, for example HOST=* TP=foo ACCESS=*.sap.com CANCEL=*.wdf.sap.corp Program foo can only be terminated by clients that have logged on fromdomain wdf.sap.corp.Work area Gateway Parameter unit File Default value <(><<)>Data directory>/reginfo Who is allowed Customer Limitation for os None Limitation for db None Other parameter None Valid_values File name |